aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan/credentials/credential_manager.c
diff options
context:
space:
mode:
authorTobias Brunner <tobias@strongswan.org>2017-10-13 14:33:43 +0200
committerTobias Brunner <tobias@strongswan.org>2017-11-08 16:48:10 +0100
commit024b979522fa8cad18bef96208064db5e68e228e (patch)
tree50541da15f4bca39dfb2945f8a876802cdedaff5 /src/libstrongswan/credentials/credential_manager.c
parentc2935b03c4477a333e0ccb5d9811af7a89a6fa52 (diff)
downloadstrongswan-024b979522fa8cad18bef96208064db5e68e228e.tar.bz2
strongswan-024b979522fa8cad18bef96208064db5e68e228e.tar.xz
certificate: Return signature scheme and parameters from issued_by() method
This also required some include restructuring (avoid including library.h in headers) to avoid unresolvable circular dependencies.
Diffstat (limited to 'src/libstrongswan/credentials/credential_manager.c')
-rw-r--r--src/libstrongswan/credentials/credential_manager.c12
1 files changed, 7 insertions, 5 deletions
diff --git a/src/libstrongswan/credentials/credential_manager.c b/src/libstrongswan/credentials/credential_manager.c
index 9be7407ef..a4a092e36 100644
--- a/src/libstrongswan/credentials/credential_manager.c
+++ b/src/libstrongswan/credentials/credential_manager.c
@@ -488,7 +488,7 @@ METHOD(credential_manager_t, remove_local_set, void,
METHOD(credential_manager_t, issued_by, bool,
private_credential_manager_t *this, certificate_t *subject,
- certificate_t *issuer, signature_scheme_t *scheme)
+ certificate_t *issuer, signature_params_t **scheme)
{
if (this->cache)
{
@@ -661,7 +661,7 @@ static certificate_t *get_pretrusted_cert(private_credential_manager_t *this,
*/
static certificate_t *get_issuer_cert(private_credential_manager_t *this,
certificate_t *subject, bool trusted,
- signature_scheme_t *scheme)
+ signature_params_t **scheme)
{
enumerator_t *enumerator;
certificate_t *issuer = NULL, *candidate;
@@ -723,7 +723,7 @@ static bool verify_trust_chain(private_credential_manager_t *this,
{
certificate_t *current, *issuer;
auth_cfg_t *auth;
- signature_scheme_t scheme;
+ signature_params_t *scheme;
int pathlen;
auth = auth_cfg_create();
@@ -750,7 +750,8 @@ static bool verify_trust_chain(private_credential_manager_t *this,
DBG1(DBG_CFG, " using trusted intermediate ca certificate "
"\"%Y\"", issuer->get_subject(issuer));
}
- auth->add(auth, AUTH_RULE_SIGNATURE_SCHEME, scheme);
+ auth->add(auth, AUTH_RULE_SIGNATURE_SCHEME, scheme->scheme);
+ signature_params_destroy(scheme);
}
else
{
@@ -768,7 +769,8 @@ static bool verify_trust_chain(private_credential_manager_t *this,
auth->add(auth, AUTH_RULE_IM_CERT, issuer->get_ref(issuer));
DBG1(DBG_CFG, " using untrusted intermediate certificate "
"\"%Y\"", issuer->get_subject(issuer));
- auth->add(auth, AUTH_RULE_SIGNATURE_SCHEME, scheme);
+ auth->add(auth, AUTH_RULE_SIGNATURE_SCHEME, scheme->scheme);
+ signature_params_destroy(scheme);
}
else
{
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-25 06:02:18 +0000